Computer automation relieves ERISA governance and risk management burdens.
Tip for February 2017
Broad in its reach, short on implementation specifics, and bristling with teeth, ramped up enforcement of fiduciary duty under ERISA has sent CFOs and HR executives scrambling to get a handle on how to ensure their organizations’ compliant oversight of retirement plans.
As a result, the need for internal controls for managing fiduciary practices is growing. According to Department of Labor reports, those controls are sorely lacking in most plans.
Studies reveal 5 reasons that internal process controls are nearly absent throughout the ERISA fiduciary community:
- While ERISA imposes serious responsibilities on organizations that sponsor employee benefit plans, the procedural or process tactics for fulfilling those responsibilities are not defined in ERISA;
- The internal controls that exist in most ERISA plans are finance focused not process focused;
- Governance and compliance activities are performed manually, poorly documented, and are driven by vendors’ standards not ERISA’s standards;
- Other regulatory programs that possess well defined compliance tactics tend to overshadow ERISA’s esoteric and vague “prudent process” concept due to the difficulty in relating that term to mainstream internal control systems; and
- Finance and human resources personnel are heavily burdened with multiple regulatory programs to administer.
- Automation of the processes required to legally manage an ERISA plan ensures consistent performance against fiduciary standards of care.
The time factor needed for compliance with ERISA’s fiduciary duty is a major drain on resources. By increasing the use of preventative automated controls, organizations can drive down the number of manual touch points and labor-intensive error detect controls. Similarly, using automated tools in the monitoring or controls-testing process will have an immediate beneficial impact on labor costs.
Increasing use of automated fiduciary controls can reduce costs in other ways, too. External auditors rely heavily on testing work performed in-house. The more testing performed by a computer, the less time an auditor must spend doing it.
- If your organization has a computerized governance, risk management, and compliance (“GRC”) system, internal controls for its fiduciary practices should be integrated quickly. If you are not GRC equipped, install an automated system that at least covers your team’s fiduciary responsibilities.
FiduciaryGRC™ is a computerized system of 72 specific internal controls that can be integrated into an existing GRC program or implemented stand-alone. Learn about FiduciaryGRC by e-mail or phone (800) 440-3457.
FiduciaryGRC is a trademark of Roland|Criss